You are right, you don’t get totally locked out in this case, my bad. Still, there are stories online of people losing access to their gmail accounts. Might not be a source of risk worth considering though.
A large fraction of the stories I’ve been able to find are people who set up 2FA without a spare and then lost it (https://hn.algolia.com/?q=google+account+locked+out, linked in the post). I think this is a serious risk, but it’s also pretty easy to avoid (by always having at least two, ideally three, registered security keys)
You are right, you don’t get totally locked out in this case, my bad. Still, there are stories online of people losing access to their gmail accounts. Might not be a source of risk worth considering though.
A large fraction of the stories I’ve been able to find are people who set up 2FA without a spare and then lost it (https://hn.algolia.com/?q=google+account+locked+out, linked in the post). I think this is a serious risk, but it’s also pretty easy to avoid (by always having at least two, ideally three, registered security keys)